Monday 6/1
Cisco to acquire internet monitoring solution ThousandEyes
Cisco’s Todd Nightingale, writing in a blog post announcing the deal said that the kind of data that ThousandEyes provides around internet user experience is more important than ever as internet connections have come under tremendous pressure with huge numbers of employees working from home.
https://tcrn.ch/2XmenDJ
PonyFinal Ransomware Targets Enterprise Servers Then Bides Its Time
“PonyFinal attackers have been seen gaining access through brute-force attacks against a target company’s systems management server,” Microsoft Security Intelligence tweeted. “They deploy a VBScript to run a PowerShell reverse shell to perform data dumps. They also deploy a remote manipulator system to bypass event logging.”
https://bit.ly/3eHK00v
Wednesday 6/3
Why There’s No Silver Bullet for BEC and EAC Attacks (Proofpoint)
BEC and EAC attacks have caused more than $26 billion in losses since 2016—and nearly $1.7 billion last year alone. And each one is unique, deploying countless ploys and psychological tricks limited only by attackers' guile.
https://bit.ly/2Xs2Pig
This new Trickbot malware update makes it even harder to detect
Now when Trickbot infects a domain controller, the malware is run from memory ensuring that no artefacts are left behind on an infected machine, making detection harder.
https://zd.net/3cwhXiQ
Thursday 6/4
Modernizing Your Data Backup with All-Flash Storage (Pure Storage)
Yes, backup is still an “insurance policy.” But now it’s an insurance policy for a high-crime area, including your network and the continual attacks made against it. And if you thought backup had finished leaping forward, maybe it just did it while you weren’t looking.
https://bit.ly/2z3pLLx
The sensitive data pandemic (Citrix)
To address the problem, organizations must evolve their capabilities beyond the current model of controlling sensitive data distribution that’s heavily dependent on access rights, worker actions (or inactions), and flagging compliance-impacting events after they’ve happened. And with IoT and analytics expanding our concept of sensitive data (by volume, depth and meaning), the time to act is now.
https://bit.ly/2UawRFb
Friday 6/5
Remote Work Survey: How Cyber Habits at Home Threaten Corporate Network Security (CyberArk)
The rush to onboard new applications and services that enable remote work combined with insecure connections and dangerous security practices of employees has significantly widened the attack surface and security strategies need to be updated to match this new dynamic threat landscape.
https://bit.ly/30bHlb7
Establishing an Application Driven Infrastructure for Cloud Ops (NetApp)
The acquisition of Spot will empower application developers to build, and Cloud Ops to deploy applications faster to the public clouds knowing we at NetApp will continuously optimize and protect them through our Application Driven Infrastructure.
https://ntap.com/3cItCvn
People rarely change their password after a data breach, study says
Just one-third of users took action following breach announcements, according to new research from Carnegie Mellon University.
https://cnet.co/3gRmmAx